1. Field
The present disclosure relates to database event notifications. More specifically, the present disclosure relates to securing database event notifications using mutual authentication between database server and client.
2. Related Art
In a database, events can include changes made to database table entries and user account activities, such as creating a new user account or logging into an existing user account. A database management system (DBMS) provides infrastructure to allow a client to register for events of interest, and to allow a database server to send notifications to the client when those events occur in the database.
Once an event occurs in a database, the database server opens communication channels to clients, which may have been disconnected from the database, and sends event notifications via these communication channels. On the client side, while waiting for events, the client spawns a listener process that accepts communication channels from the database server and receives event notifications on them.
Currently, there is no mutual authentication between the database server that sends out event notifications and the client listener. The client listens on an open port, waiting for event notifications. Because the client does not authenticate the communication channels on which it receives event notifications from a database server, it is vulnerable to buffer-overflow attacks from malicious users. Such attacks can crash the client or subject it to denial of service, thereby preventing notification delivery to legitimate registrations at the client. The client may also suffer from replay attacks. Conversely, because the database server does not authenticate the client that receives event notifications, a malicious user can pose as a legitimate client and receive unauthorized notifications.
Some database management systems, such as the Oracle relational DBMS (RDBMS), provide security options (e.g., Oracle Advanced Security Options (ASO)) to address these security concerns. However, many database client/server installations do not support ASO and still use conventional event notifications, such as Oracle Call Interface (OCI) notifications or Java Database Connectivity (JDBC) notifications. What is needed is a method that can provide an acceptable level of security for event notifications for database client/server installations that do not have these security options.
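As an added illustration (not the patent's own method, nor any vendor's code) of the two missing checks described above, the following Python models a pre-shared-key challenge so the server can verify the listener before sending anything, and length-checked, HMAC-tagged, sequence-numbered frames so the listener can reject oversized, unauthenticated and replayed notifications. The shared key, frame layout, buffer limit and class names are assumptions made for the example.

```python
import hashlib
import hmac
import os
import struct

MAX_PAYLOAD = 4096  # assumed size of the listener's receive buffer
HEADER = struct.Struct(">IQ")  # payload length, sequence number (assumed layout)
TAG_LEN = hashlib.sha256().digest_size

def make_tag(key: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 over a handshake response or a notification body."""
    return hmac.new(key, data, hashlib.sha256).digest()

class Server:
    """Database server: challenges the listener, then emits tagged frames."""
    def __init__(self, key: bytes):
        self.key, self.seq, self.nonce = key, 0, b""
    def challenge(self) -> bytes:
        self.nonce = os.urandom(16)  # fresh per connection
        return self.nonce
    def verify_client(self, client_id: bytes, response: bytes) -> bool:
        # Only a holder of the shared key can answer, so an impostor cannot
        # register to receive notifications.
        expected = make_tag(self.key, b"client" + self.nonce + client_id)
        return hmac.compare_digest(response, expected)
    def notification(self, payload: bytes) -> bytes:
        self.seq += 1
        body = HEADER.pack(len(payload), self.seq) + payload
        return body + make_tag(self.key, body)

class Listener:
    """Client listener: answers the challenge, then checks every frame."""
    def __init__(self, key: bytes, client_id: bytes):
        self.key, self.client_id, self.last_seq = key, client_id, 0
    def respond(self, nonce: bytes) -> bytes:
        return make_tag(self.key, b"client" + nonce + self.client_id)
    def accept(self, frame: bytes):
        """Return the payload of a valid frame, or None if it is rejected."""
        if len(frame) < HEADER.size + TAG_LEN:
            return None
        length, seq = HEADER.unpack_from(frame)
        if length > MAX_PAYLOAD or len(frame) != HEADER.size + length + TAG_LEN:
            return None  # bounds check before anything is copied into a buffer
        body, tag = frame[:HEADER.size + length], frame[HEADER.size + length:]
        if not hmac.compare_digest(tag, make_tag(self.key, body)):
            return None  # tag does not verify: unauthenticated sender
        if seq <= self.last_seq:
            return None  # sequence not advancing: replayed frame
        self.last_seq = seq
        return body[HEADER.size:]
```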